Vulnerabilities > Google > Android > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-03 | CVE-2022-20091 | Use After Free vulnerability in Google Android 11.0/12.0 In aee driver, there is a possible use after free due to a race condition. | 6.4 |
| 2022-05-03 | CVE-2022-20092 | Out-of-bounds Read vulnerability in Google Android 11.0/12.0 In alac decoder, there is a possible out of bounds read due to a missing bounds check. | 5.5 |
| 2022-05-03 | CVE-2022-20094 | Out-of-bounds Write vulnerability in Google Android 11.0/12.0 In imgsensor, there is a possible out of bounds write due to an incorrect bounds check. | 6.7 |
| 2022-05-03 | CVE-2022-20095 | Out-of-bounds Write vulnerability in Google Android 11.0/12.0 In imgsensor, there is a possible out of bounds write due to a missing bounds check. | 6.7 |
| 2022-05-03 | CVE-2022-20096 | Use of Uninitialized Resource vulnerability in Google Android In camera, there is a possible information disclosure due to uninitialized data. | 4.4 |
| 2022-05-03 | CVE-2022-20097 | Race Condition vulnerability in Google Android 11.0/12.0 In aee daemon, there is a possible information disclosure due to a race condition. | 4.7 |
| 2022-05-03 | CVE-2022-20098 | Missing Authorization vulnerability in Google Android 11.0/12.0 In aee daemon, there is a possible information disclosure due to a missing permission check. | 4.4 |
| 2022-05-03 | CVE-2022-20100 | Missing Authorization vulnerability in Google Android 11.0/12.0 In aee daemon, there is a possible information disclosure due to a missing permission check. | 4.4 |
| 2022-05-03 | CVE-2022-28780 | Unspecified vulnerability in Google Android 10.0/11.0/12.0 Improper access control vulnerability in Weather prior to SMR May-2022 Release 1 allows that attackers can access location information that set in Weather without permission. | 5.5 |
| 2022-05-03 | CVE-2022-28781 | Improper Input Validation vulnerability in Google Android 11.0/12.0 Improper input validation in Settings prior to SMR-May-2022 Release 1 allows attackers to launch arbitrary activity with system privilege. | 6.7 |